I want a user to be able to add person entities to their account, as can somewhat be seen below.
A visual for what the user's page looks like (very unfinished, it's been at the bottom of my list a while due to other concerns):

But when I try my current scheme, it exclaims that I haven't entered a password (because I'd like to not need the password, since they're already authenticated).
So I'm getting the feeling that I just need to pass the user's password into the form as a hidden input. Is that the standard method or am I missing something? I don't even know how to pull that data out of memory =/
=====
Ok, there's SO MUCH code to share here it's ridiculous.
User Model (error msg origin... it's based on a template from ruby.railstutorial.com/book):
require 'digest'

class User < ActiveRecord::Base
  attr_accessor :password
  attr_accessible :email, :password, :password_confirmation

  has_many :persons
  has_many :addresses
  has_many :todos, :dependent => :destroy
  has_one :employee
  has_many :relationships, :foreign_key => "follower_id", # override the foreign key default, "relationship_id"
                           :dependent => :destroy
  has_many :following, :through => :relationships, :source => :followed # override to use "followed_id"
  has_many :reverse_relationships, :foreign_key => "followed_id",
                                   :class_name => "Relationship",
                                   :dependent => :destroy
  has_many :followers, :through => :reverse_relationships, :source => :follower

  email_regex = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i

  #validates :name, :presence => true, :length => { :maximum => 50 }
  validates :email, :presence => true, :format => { :with => email_regex },
                    :uniqueness => { :case_sensitive => false }
  validates :password, :presence => true,
                       :confirmation => true,
                       :length => { :within => 6..40 }

  before_save :encrypt_password

  def has_password?(submitted_password)
    encrypted_password == encrypt(submitted_password)
  end

  def self.authenticate(email, submitted_password)
    user = find_by_email(email)
    return nil if user.nil?
    return user if user.has_password?(submitted_password)
  end

  def self.authenticate_with_salt(id, cookie_salt)
    user = find_by_id(id)
    (user && user.salt == cookie_salt) ? user : nil
  end

  def following?(followed)
    relationships.find_by_followed_id(followed)
  end

  def follow!(followed)
    relationships.create!(:followed_id => followed.id)
  end

  def unfollow!(followed)
    relationships.find_by_followed_id(followed).destroy
  end

  def feed
    ## This is preliminary. See Chapter 12 for the full implementation.
    # Micropost.where("user_id = ?", id)
    Micropost.from_users_followed_by(self)
  end

  private

  def encrypt_password
    self.salt = make_salt if new_record?
    self.encrypted_password = encrypt(password)
  end

  def encrypt(string)
    secure_hash("#{salt}--#{string}")
  end

  def make_salt
    secure_hash("#{Time.now.utc}--#{password}")
  end

  def secure_hash(string)
    Digest::SHA2.hexdigest(string)
  end
end
Controller for persons.. for creating persons (tied to form's action):
def create
  #@person = Person.new(params[:person])
  @user = User.where(:id => params[:person][:user_id] ).first

  #make sure the user being edited is the current user
  if current_user != @user
    flash[:error] = "You don't have access to this user's persons"
    render '/'
    return
  end

  # current_user.persons.new(params[:person])
  if current_user.update_attributes(:person => params[:person]) #current_user.save
    # sign_in @user
    flash[:success] = "Person successfully created!"
    redirect_to @user
  else
    flash[:error] = current_user.errors
    redirect_to @user
  end
end
Controller for the view (users controller):
.
.
.
def show
  @user = User.find(params[:id]) # Think www.example.com/users/:id
  #@microposts = @user.microposts.paginate(:page => params[:page])
  @persons = @user.persons
  @new_person = @user.persons.new
  @title = @user.email
  @employee = @user.employee
end
.
.
.
The view pictured:
<h1>Person X</h1>
<div class="user_info">
  <% unless @persons.empty? %>
    <% @persons.each do %>
      hi<br>
    <% end %>
  <% else %>
    There are no person details registered for this account.<br><br>
  <%end%>
  <a href='javascript:showFormForAddingPerson();'>Add a new 'Person' to your account?</a>
  <%= form_for(@new_person, :url => { :action => "create", :controller => "persons" } ) do |f| %>
    <% if @new_person.errors.any? %>
      <div id="error_explanation">
        <h2><%= pluralize(@new_person.errors.count, "error") %> prohibited this user from being saved:</h2>
        <ul>
          <% @new_person.errors.full_messages.each do |msg| %>
            <li><%= msg %></li>
          <% end %>
        </ul>
      </div>
    <% end %>
    <div class="field">
      <div class='entry'>
        <%= f.label :user_id, 'User ID:' %>
        <%= f.text_field :user_id %><br />
      </div>
      <div class='entry'>
        <%= f.label :first_name, 'First Name:' %>
        <%= f.text_field :first_name %><br>
      </div>
      <div class='entry'>
        <%= f.label :last_name, 'Last Name:' %>
        <%= f.text_field :last_name %><br>
      </div>
      <div class='entry'>
        <%= f.label :email, 'Email:' %>
        <%= f.text_field :email %><br>
      </div>
      <%= f.submit %>
    </div>
  <%end%>
</div>
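
An added example, not part of the original post: a plain-Ruby stand-in for the User model above (the `SketchUser` class and its `add_person` helper are hypothetical, and no ActiveRecord is used) in which the password checks and hashing run only when a password is actually being set, so an already signed-in user can be saved without one. It also takes the new person's owner from the signed-in user instead of a submitted `user_id` field.

```ruby
require 'digest'

# Plain-Ruby stand-in for the post's User model (constructed, no ActiveRecord).
class SketchUser
  attr_accessor :password
  attr_reader :id, :salt, :encrypted_password, :errors, :persons

  def initialize(id)
    @id, @persons, @errors, @persisted = id, [], [], false
  end

  # Same intent as adding `:if => :password_required?` to the validation.
  def password_required?
    !@persisted || !password.nil?
  end

  def valid?
    @errors = []
    return true unless password_required?
    @errors << "Password can't be blank" if password.to_s.empty?
    @errors << "Password length must be 6..40" unless (6..40).cover?(password.to_s.length)
    @errors.empty?
  end

  def save
    return false unless valid?
    unless password.nil? # never re-hash a nil virtual attribute
      @salt ||= Digest::SHA2.hexdigest("#{Time.now.utc}--#{password}")
      @encrypted_password = Digest::SHA2.hexdigest("#{@salt}--#{password}")
    end
    @password = nil # the virtual attribute is not persisted
    @persisted = true
  end

  def has_password?(submitted)
    encrypted_password == Digest::SHA2.hexdigest("#{salt}--#{submitted}")
  end

  # Owner comes from the signed-in user, never from a submitted user_id.
  def add_person(attrs)
    person = attrs.reject { |k, _| k.to_s == 'user_id' }.merge('user_id' => id)
    @persons << person
    person
  end
end
```

With this shape there is no reason to carry the password in a hidden form field, and the stored digest is left untouched by saves that do not change the password.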
